ssh策略之fail2ban

yum -y install epel-release
yum -y install fail2ban

cp /etc/fail2ban/jail.conf /etc/fail2ban/local.conf
vim /etc/fail2ban/local.conf
在文末添加如下代码：

[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=22, protocol=tcp]
#sendmail-whois[name=SSH, dest=your@email.com, sender=fail2ban@email.com]
logpath = /var/log/secure
maxretry = 3
bantime = 300

尝试次数3，如果失败，300秒内禁止连接

参考自克己复礼，更多内容请点击这

标签：策略,300,etc,fail2ban,conf,local,email,ssh
来源： https://www.cnblogs.com/sillage/p/13966485.html